diff options
| author | Nikhil Ashoka <a.nikhil@ibm.com> | 2022-01-27 16:40:31 +0300 |
|---|---|---|
| committer | Dixsie Wolmers <dixsiew@gmail.com> | 2022-02-04 17:20:44 +0300 |
| commit | aee27141f4c002306e9a4bf44dc4f9618a5fae62 (patch) | |
| tree | 7e1b6e1549a128d789ad0c24423ec013da1a7e4e | |
| parent | 18cde3ce0c1b2f99e94f5cef66661adcb22ba8f7 (diff) | |
| download | webui-vue-aee27141f4c002306e9a4bf44dc4f9618a5fae62.tar.xz | |
Security Panel add additional features
Added RTAD under Network interfaces
Added VirtualTPM under Network services
Removed the sub-headings in Policies page
Signed-off-by: Nikhil Ashoka <a.nikhil@ibm.com>
Change-Id: I6290362cecdfe7f8cd7bfde20fcaca88b6bc2c09
| -rw-r--r-- | src/locales/en-US.json | 17 | ||||
| -rw-r--r-- | src/store/modules/SecurityAndAccess/PoliciesStore.js | 63 | ||||
| -rw-r--r-- | src/views/SecurityAndAccess/Policies/Policies.vue | 198 |
3 files changed, 218 insertions, 60 deletions
diff --git a/src/locales/en-US.json b/src/locales/en-US.json index f29ba0e9..ddc556df 100644 --- a/src/locales/en-US.json +++ b/src/locales/en-US.json @@ -714,7 +714,8 @@ "pagePolicies": { "ipmi": "Network IPMI (out-of-band IPMI)", "ipmiDescription": "Allow remote management of the platform via IPMI. Tools such as ipmitool require this setting to be enabled.", - "networkServices": "Network services", + "rtad": "RTAD", + "rtadDescription": "This option enables or disables the Remote Trusted Attestation Daemon for host firmware", "ssh": "BMC shell (via SSH)", "sshDescription": "Allow access to shell sessions via SSH, through port 22 on the BMC.", "modal": { @@ -730,13 +731,23 @@ "toast": { "errorIpmiDisabled": "Error disabling IPMI security setting.", "errorIpmiEnabled": "Error enabling IPMI security setting.", + "errorRtadDisabled": "Error disabling RTAD security setting.", + "errorRtadEnabled": "Error enabling RTAD security setting.", "errorSshDisabled": "Error disabling SSH security setting.", "errorSshEnabled": "Error enabling SSH security setting.", + "errorVtpmDisabled": "Error disabling VitualTPM security setting.", + "errorVtpmEnabled": "Error enabling VitualTPM security setting.", "successIpmiDisabled": "Successfully disabled IPMI security setting.", "successIpmiEnabled": "Successfully enabled IPMI security setting.", + "successRtadDisabled": "Successfully disabled RTAD security setting.", + "successRtadEnabled": "Successfully enabled RTAD security setting.", "successSshDisabled": "Successfully disabled SSH security setting.", - "successSshEnabled": "Successfully enabled SSH security setting." - } + "successSshEnabled": "Successfully enabled SSH security setting.", + "successVtpmDisabled": "Successfully disabled VitualTPM security setting.", + "successVtpmEnabled": "Successfully enabled VitualTPM security setting." + }, + "vtpm": "VirtualTPM", + "vtpmDescription": "Enabling vTPM makes a TPM available to the guest operating system." }, "pagePower": { "description": "Set a power cap to keep power consumption at or below the specified value in watts", diff --git a/src/store/modules/SecurityAndAccess/PoliciesStore.js b/src/store/modules/SecurityAndAccess/PoliciesStore.js index 1e195527..64bd3369 100644 --- a/src/store/modules/SecurityAndAccess/PoliciesStore.js +++ b/src/store/modules/SecurityAndAccess/PoliciesStore.js @@ -6,16 +6,22 @@ const PoliciesStore = { state: { sshProtocolEnabled: false, ipmiProtocolEnabled: false, + rtadEnabled: 'Disabled', + vtpmEnabled: 'Disabled', }, getters: { sshProtocolEnabled: (state) => state.sshProtocolEnabled, ipmiProtocolEnabled: (state) => state.ipmiProtocolEnabled, + rtadEnabled: (state) => state.rtadEnabled, + vtpmEnabled: (state) => state.vtpmEnabled, }, mutations: { setSshProtocolEnabled: (state, sshProtocolEnabled) => (state.sshProtocolEnabled = sshProtocolEnabled), setIpmiProtocolEnabled: (state, ipmiProtocolEnabled) => (state.ipmiProtocolEnabled = ipmiProtocolEnabled), + setRtadEnabled: (state, rtadEnabled) => (state.rtadEnabled = rtadEnabled), + setVtpmEnabled: (state, vtpmEnabled) => (state.vtpmEnabled = vtpmEnabled), }, actions: { async getNetworkProtocolStatus({ commit }) { @@ -29,6 +35,15 @@ const PoliciesStore = { }) .catch((error) => console.log(error)); }, + async getBiosStatus({ commit }) { + return await api + .get('/redfish/v1/Systems/system/Bios') + .then((response) => { + commit('setRtadEnabled', response.data.Attributes.pvm_rtad); + commit('setVtpmEnabled', response.data.Attributes.pvm_vtpm); + }) + .catch((error) => console.log(error)); + }, async saveIpmiProtocolState({ commit }, protocolEnabled) { commit('setIpmiProtocolEnabled', protocolEnabled); const ipmi = { @@ -81,6 +96,54 @@ const PoliciesStore = { } }); }, + async saveRtadState({ commit }, updatedRtad) { + commit('setRtadEnabled', updatedRtad); + return await api + .patch('/redfish/v1/Systems/system/Bios/Settings', { + Attributes: { + pvm_rtad: updatedRtad, + }, + }) + .then(() => { + if (updatedRtad === 'Enabled') { + return i18n.t('pagePolicies.toast.successRtadEnabled'); + } else { + return i18n.t('pagePolicies.toast.successRtadDisabled'); + } + }) + .catch((error) => { + console.log(error); + if (updatedRtad === 'Enabled') { + throw new Error(i18n.t('pagePolicies.toast.errorRtadEnabled')); + } else { + throw new Error(i18n.t('pagePolicies.toast.errorRtadDisabled')); + } + }); + }, + async saveVtpmState({ commit }, updatedVtpm) { + commit('setVtpmEnabled', updatedVtpm); + return await api + .patch('/redfish/v1/Systems/system/Bios/Settings', { + Attributes: { + pvm_vtpm: updatedVtpm, + }, + }) + .then(() => { + if (updatedVtpm === 'Enabled') { + return i18n.t('pagePolicies.toast.successVtpmEnabled'); + } else { + return i18n.t('pagePolicies.toast.successVtpmDisabled'); + } + }) + .catch((error) => { + console.log(error); + if (updatedVtpm === 'Enabled') { + throw new Error(i18n.t('pagePolicies.toast.errorVtpmEnabled')); + } else { + throw new Error(i18n.t('pagePolicies.toast.errorVtpmDisabled')); + } + }); + }, }, }; diff --git a/src/views/SecurityAndAccess/Policies/Policies.vue b/src/views/SecurityAndAccess/Policies/Policies.vue index ebcb0025..1dc197c7 100644 --- a/src/views/SecurityAndAccess/Policies/Policies.vue +++ b/src/views/SecurityAndAccess/Policies/Policies.vue @@ -3,65 +3,112 @@ <page-title /> <b-row> <b-col md="8"> - <page-section :section-title="$t('pagePolicies.networkServices')"> - <b-row v-if="!modifySSHPolicyDisabled" class="setting-section"> - <b-col class="d-flex align-items-center justify-content-between"> - <dl class="mr-3 w-75"> - <dt>{{ $t('pagePolicies.ssh') }}</dt> - <dd> - {{ $t('pagePolicies.sshDescription') }} - </dd> - </dl> - <b-form-checkbox - id="sshSwitch" - v-model="sshProtocolState" - data-test-id="policies-toggle-bmcShell" - switch - @change="changeSshProtocolState" - > - <span class="sr-only"> - {{ $t('pagePolicies.ssh') }} - </span> - <span v-if="sshProtocolState"> - {{ $t('global.status.enabled') }} - </span> - <span v-else>{{ $t('global.status.disabled') }}</span> - </b-form-checkbox> - </b-col> - </b-row> - <b-row class="setting-section"> - <b-col class="d-flex align-items-center justify-content-between"> - <dl class="mt-3 mr-3 w-75"> - <dt>{{ $t('pagePolicies.ipmi') }}</dt> - <dd> - {{ $t('pagePolicies.ipmiDescription') }} - </dd> - </dl> - <b-form-checkbox - id="ipmiSwitch" - v-model="ipmiProtocolState" - data-test-id="polices-toggle-networkIpmi" - switch - @change="changeIpmiProtocolState" - > - <span class="sr-only"> - {{ $t('pagePolicies.ipmi') }} - </span> - <span v-if="ipmiProtocolState"> - {{ $t('global.status.enabled') }} - </span> - <span v-else>{{ $t('global.status.disabled') }}</span> - </b-form-checkbox> - </b-col> - </b-row> - </page-section> + <b-row v-if="!modifySSHPolicyDisabled" class="setting-section"> + <b-col class="d-flex align-items-center justify-content-between"> + <dl class="mr-3 w-75"> + <dt>{{ $t('pagePolicies.ssh') }}</dt> + <dd> + {{ $t('pagePolicies.sshDescription') }} + </dd> + </dl> + <b-form-checkbox + id="sshSwitch" + v-model="sshProtocolState" + data-test-id="policies-toggle-bmcShell" + switch + @change="changeSshProtocolState" + > + <span class="sr-only"> + {{ $t('pagePolicies.ssh') }} + </span> + <span v-if="sshProtocolState"> + {{ $t('global.status.enabled') }} + </span> + <span v-else>{{ $t('global.status.disabled') }}</span> + </b-form-checkbox> + </b-col> + </b-row> + <b-row class="setting-section"> + <b-col class="d-flex align-items-center justify-content-between"> + <dl class="mt-3 mr-3 w-75"> + <dt>{{ $t('pagePolicies.ipmi') }}</dt> + <dd> + {{ $t('pagePolicies.ipmiDescription') }} + </dd> + </dl> + <b-form-checkbox + id="ipmiSwitch" + v-model="ipmiProtocolState" + data-test-id="polices-toggle-networkIpmi" + switch + @change="changeIpmiProtocolState" + > + <span class="sr-only"> + {{ $t('pagePolicies.ipmi') }} + </span> + <span v-if="ipmiProtocolState"> + {{ $t('global.status.enabled') }} + </span> + <span v-else>{{ $t('global.status.disabled') }}</span> + </b-form-checkbox> + </b-col> + </b-row> + <b-row class="setting-section"> + <b-col class="d-flex align-items-center justify-content-between"> + <dl class="mt-3 mr-3 w-75"> + <dt>{{ $t('pagePolicies.vtpm') }}</dt> + <dd> + {{ $t('pagePolicies.vtpmDescription') }} + </dd> + </dl> + <b-form-checkbox + id="vtpmSwitch" + v-model="vtpmState" + data-test-id="policies-toggle-vtpm" + switch + @change="changeVtpmState" + > + <span class="sr-only"> + {{ $t('pagePolicies.vtpm') }} + </span> + <span v-if="vtpmState"> + {{ $t('global.status.enabled') }} + </span> + <span v-else>{{ $t('global.status.disabled') }}</span> + </b-form-checkbox> + </b-col> + </b-row> + <b-row class="setting-section"> + <b-col class="d-flex align-items-center justify-content-between"> + <dl class="mt-3 mr-3 w-75"> + <dt>{{ $t('pagePolicies.rtad') }}</dt> + <dd> + {{ $t('pagePolicies.rtadDescription') }} + </dd> + </dl> + <b-form-checkbox + id="rtadSwitch" + v-model="rtadState" + data-test-id="policies-toggle-rtad" + switch + @change="changeRtadState" + > + <span class="sr-only"> + {{ $t('pagePolicies.rtad') }} + </span> + <span v-if="rtadState"> + {{ $t('global.status.enabled') }} + </span> + <span v-else>{{ $t('global.status.disabled') }}</span> + </b-form-checkbox> + </b-col> + </b-row> </b-col> </b-row> </b-container> </template> <script> -import PageSection from '@/components/Global/PageSection'; import PageTitle from '@/components/Global/PageTitle'; import LoadingBarMixin from '@/components/Mixins/LoadingBarMixin'; @@ -69,7 +116,7 @@ import BVToastMixin from '@/components/Mixins/BVToastMixin'; export default { name: 'Policies', - components: { PageTitle, PageSection }, + components: { PageTitle }, mixins: [LoadingBarMixin, BVToastMixin], beforeRouteLeave(to, from, next) { this.hideLoader(); @@ -98,12 +145,37 @@ export default { return newValue; }, }, + rtadState: { + get() { + if (this.$store.getters['policies/rtadEnabled'] === 'Enabled') { + return true; + } else { + return false; + } + }, + set(newValue) { + return newValue; + }, + }, + vtpmState: { + get() { + if (this.$store.getters['policies/vtpmEnabled'] === 'Enabled') { + return true; + } else { + return false; + } + }, + set(newValue) { + return newValue; + }, + }, }, created() { this.startLoader(); - this.$store - .dispatch('policies/getNetworkProtocolStatus') - .finally(() => this.endLoader()); + Promise.all([ + this.$store.dispatch('policies/getBiosStatus'), + this.$store.dispatch('policies/getNetworkProtocolStatus'), + ]).finally(() => this.endLoader()); }, methods: { changeIpmiProtocolState(state) { @@ -118,6 +190,18 @@ export default { .then((message) => this.successToast(message)) .catch(({ message }) => this.errorToast(message)); }, + changeRtadState(state) { + this.$store + .dispatch('policies/saveRtadState', state ? 'Enabled' : 'Disabled') + .then((message) => this.successToast(message)) + .catch(({ message }) => this.errorToast(message)); + }, + changeVtpmState(state) { + this.$store + .dispatch('policies/saveVtpmState', state ? 'Enabled' : 'Disabled') + .then((message) => this.successToast(message)) + .catch(({ message }) => this.errorToast(message)); + }, }, }; </script> |